{ description = "pbsds' system/home flake"; inputs = { # https://github.com/nixos/nixpkgs nixpkgs-test.url = "github:NixOS/nixpkgs/refs/pull/379645/merge"; # for testing nixpkgs-edge.url = "https://nixos.org/channels/nixos-unstable/nixexprs.tar.xz"; nixpkgs-2411.url = "https://nixos.org/channels/nixos-24.11/nixexprs.tar.xz"; nixpkgs-2405.url = "https://nixos.org/channels/nixos-24.05/nixexprs.tar.xz"; # for old docs nixpkgs-2311.url = "https://nixos.org/channels/nixos-23.11/nixexprs.tar.xz"; # for old docs nixpkgs-2305.url = "https://nixos.org/channels/nixos-23.05/nixexprs.tar.xz"; # for old docs nixpkgs-2211.url = "https://nixos.org/channels/nixos-22.11/nixexprs.tar.xz"; # for old docs nixpkgs-2205.url = "https://nixos.org/channels/nixos-22.05/nixexprs.tar.xz"; # for old docs nixpkgs-2111.url = "https://nixos.org/channels/nixos-21.11/nixexprs.tar.xz"; # for old docs nixpkgs-2105.url = "https://nixos.org/channels/nixos-21.05/nixexprs.tar.xz"; # for old docs nixpkgs-2009.url = "https://nixos.org/channels/nixos-20.09/nixexprs.tar.xz"; # for old docs nixpkgs-2003.url = "https://nixos.org/channels/nixos-20.03/nixexprs.tar.xz"; # for old docs nixpkgs-1909.url = "https://nixos.org/channels/nixos-19.09/nixexprs.tar.xz"; # for old docs nixpkgs-1909.flake = false; # Earlier versions are not flake-pure # expensive to bump # nixpkgs-expensive.url = "github:NixOS/nixpkgs/nixos-unstable"; # https://github.com/nix-community/home-manager home-manager-edge.url = "github:nix-community/home-manager/master"; home-manager-edge.inputs.nixpkgs.follows = "nixpkgs-edge"; home-manager-2411.url = "github:nix-community/home-manager/release-24.11"; home-manager-2411.inputs.nixpkgs.follows = "nixpkgs-2405"; home-manager-2405.url = "github:nix-community/home-manager/release-24.05"; home-manager-2405.inputs.nixpkgs.follows = "nixpkgs-2405"; home-manager-2311.url = "github:nix-community/home-manager/release-23.11"; home-manager-2311.inputs.nixpkgs.follows = "nixpkgs-2311"; home-manager-2305.url = "github:nix-community/home-manager/release-23.05"; home-manager-2305.inputs.nixpkgs.follows = "nixpkgs-2305"; # https://github.com/nix-community/nix-index-database nix-index-database.url = "github:Mic92/nix-index-database"; nix-index-database.inputs.nixpkgs.follows = "nixpkgs-2411"; # only used for .packages # https://github.com/NixOS/nixos-hardware nixos-hardware.url = "github:NixOS/nixos-hardware"; # https://github.com/numtide/system-manager system-manager-edge.url = "github:numtide/system-manager"; system-manager-edge.inputs.nixpkgs.follows = "nixpkgs-edge"; # https://github.com/soupglasses/nix-system-graphics nix-system-graphics-edge.url = "github:soupglasses/nix-system-graphics"; nix-system-graphics-edge.inputs.nixpkgs.follows = "nixpkgs-edge"; # https://github.com/tfc/nspawn-nixos nixos-nspawn.url = "github:tfc/nspawn-nixos"; nixos-nspawn.flake = false; # we don't use it /shrug # https://github.com/nix-community/nix-unit /* nix-unit.url = "github:nix-community/nix-unit"; */ /* nix-unit.inputs.nixpkgs.follows = "nixpkgs-edge"; */ # https://github.com/wamserma/flake-programs-sqlite #flake-programs-sqlite-2311.url = "github:wamserma/flake-programs-sqlite"; #flake-programs-sqlite-2311.inputs.nixpkgs.follows = "nixpkgs-2311"; # https://github.com/nix-community/nixos-generators nixos-generators-2405.url = "github:nix-community/nixos-generators"; nixos-generators-2405.inputs.nixpkgs.follows = "nixpkgs-2405"; # https://github.com/Mic92/sops-nix sops-nix-edge.url = "github:Mic92/sops-nix"; sops-nix-edge.inputs.nixpkgs.follows = "nixpkgs-edge"; sops-nix-2411.url = "github:Mic92/sops-nix"; sops-nix-2411.inputs.nixpkgs.follows = "nixpkgs-2411"; sops-nix-2405.url = "github:Mic92/sops-nix"; sops-nix-2405.inputs.nixpkgs.follows = "nixpkgs-2405"; sops-nix-2311.url = "github:Mic92/sops-nix"; sops-nix-2311.inputs.nixpkgs.follows = "nixpkgs-2311"; sops-nix-2305.url = "github:Mic92/sops-nix"; sops-nix-2305.inputs.nixpkgs.follows = "nixpkgs-2305"; ## https://github.com/h7x4/maunium-stickerpicker-nix #maunium-stickerpicker-nix.url = "github:h7x4/maunium-stickerpicker-nix"; #maunium-stickerpicker-nix.inputs.nixpkgs.follows = "nixpkgs-2311"; /** / https://willbush.dev/blog/impermanent-nixos/ matrix-next.url = "github:dali99/nixos-matrix-modules"; # see https://git.pvv.ntnu.no/Drift/pvv-nixos-config/src/main/flake.nix #https://github.com/considerate/nixos-odroidhc4 #https://cyberchaos.dev/cyberchaoscreatures/musl-nixos/ #https://github.com/numtide/system-manager nix-vscode-extensions.url = "github:nix-community/nix-vscode-extensions" #https://github.com/numtide/nixpkgs-unfree # has a cache #https://github.com/matthewbauer/nixiosk /**/ /** / # https://github.com/cachix/pre-commit-hooks.nix pre-commit-hooks.url = "github:cachix/pre-commit-hooks.nix"; pre-commit-hooks.inputs.nixpkgs.follows = "nixpkgs-edge"; /**/ #pbsds-papers.url = "git+ssh://git@github.com/pbsds/papers.git"; roroslyd-no.url = "git+ssh://gitea@git.pvv.ntnu.no:2222/pederbs/roroslyd.no.git"; roroslyd-no.flake = false; refleksjon-net.url = "git+ssh://gitea@git.pvv.ntnu.no:2222/pederbs/refleksjon.net.git"; refleksjon-net.flake = false; }; nixConfig.extra-substituters = [ "https://nix-community.cachix.org?priority=1" # less is more /shrug "https://numtide.cachix.org" # dead? https://github.com/numtide/nixpkgs-unfree/commit/399ae17bda97a0318a0c5316edb169d097a776dc ]; nixConfig.extra-trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE=" ]; outputs = { self, nixos-hardware, nixos-nspawn, nixos-generators-2405, ... } @ inputs': let inputs-edge = inputs' // { nixpkgs = inputs'.nixpkgs-edge; unstable = inputs'.nixpkgs-edge; home-manager = inputs'.home-manager-edge; sops-nix = inputs'.sops-nix-edge; }; inputs-2411 = inputs' // { nixpkgs = inputs'.nixpkgs-2411; unstable = inputs'.nixpkgs-edge; home-manager = inputs'.home-manager-2411; sops-nix = inputs'.sops-nix-2411; }; inputs-2405 = inputs' // { nixpkgs = inputs'.nixpkgs-2405; unstable = inputs'.nixpkgs-2411; home-manager = inputs'.home-manager-2405; sops-nix = inputs'.sops-nix-2405; }; inputs-2311 = inputs' // { nixpkgs = inputs'.nixpkgs-2311; unstable = inputs'.nixpkgs-2405; home-manager = inputs'.home-manager-2311; sops-nix = inputs'.sops-nix-2311; }; inputs-2305 = inputs' // { nixpkgs = inputs'.nixpkgs-2305; unstable = inputs'.nixpkgs-2311; home-manager = inputs'.home-manager-2305; sops-nix = inputs'.sops-nix-2305; }; inputs-2211 = inputs-2305 // { nixpkgs = inputs'.nixpkgs-2211; }; inputs-2205 = inputs-2305 // { nixpkgs = inputs'.nixpkgs-2205; }; inputs-2111 = inputs-2305 // { nixpkgs = inputs'.nixpkgs-2111; }; inputs-2105 = inputs-2305 // { nixpkgs = inputs'.nixpkgs-2105; }; inputs-2009 = inputs-2305 // { nixpkgs = inputs'.nixpkgs-2009; }; inputs-2003 = inputs-2305 // { nixpkgs = inputs'.nixpkgs-2003; }; inputs-1909 = inputs-2305 // { nixpkgs = inputs'.nixpkgs-1909; }; inputs-test = inputs-edge // { nixpkgs = inputs'.nixpkgs-test; unstable = inputs'.nixpkgs-test; }; inputs-241T = inputs-2411 // { unstable = inputs'.nixpkgs-test; }; forSystems = systems: f: inputs-edge.nixpkgs.lib.genAttrs systems (system: f rec { inherit system; inputs = inputs-edge; pkgs = inputs.nixpkgs.legacyPackages.${system}; lib = inputs.nixpkgs.legacyPackages.${system}.lib; }); forAllSystems = forSystems [ "x86_64-linux" "aarch64-linux" "riscv64-linux" ]; mkModule = extra-modules: domain: system: inputs: stateVersion: modules: hostname: ({ lib, ... }: { system.stateVersion = lib.mkDefault stateVersion; # TODO: home-manager imports = [ ./base.nix "${self}/hosts/nixos/${hostname}/configuration.nix" inputs.home-manager.nixosModules.default #inputs.nix-index-database.nixosModules.nix-index # TODO: fix? ] ++ modules ++ extra-modules; #++ inputs.flake-programs-sqlite.nixosModules.programs-sqlite; # TODO: make work home-manager.useGlobalPkgs = true; # go brrr, reuse overrides home-manager.extraSpecialArgs = { inherit inputs; }; home-manager.sharedModules = [ inputs.sops-nix.homeManagerModules.sops inputs.nix-index-database.hmModules.nix-index ]; # still needed even if using networkd networking.hostName = hostname; networking.domain = domain; networking.search = [ domain ]; nixpkgs.overlays = [ self.overlays.pbsdspkgs inputs.system-manager-edge.overlays.default (final: prev: { unstable = import inputs.unstable { inherit system; config = final.pkgs.config; }; }) ]; # This makes commandline tools like 'nix run nixpkgs#hello' # and 'nix-shell -p hello' use the same channel as system was built with nix.registry.nixpkgs.flake = inputs.nixpkgs; nix.registry.nixpkgs-unstable.flake = inputs.unstable; nix.nixPath = [ "nixpkgs=${inputs.nixpkgs}" "nixpkgs-unstable=${inputs.unstable}" ]; }); mkConfig = extra-modules: domain: system: inputs: stateVersion: modules: hostname: inputs.nixpkgs.lib.nixosSystem { #inherit system; specialArgs = { inherit inputs; }; modules = [ # TODO: specify this in mkModule? { nixpkgs.hostPlatform = system; #nixpkgs.buildPlatform = system; } (mkModule extra-modules domain system inputs stateVersion modules hostname) ]; }; # TODO: move this to a file or separate flake mkHosts = mk: let ls = imports: { inherit imports; }; hw = nixos-hardware.nixosModules; #vf = nixos-vf2.nixosModules; amd = ls [ hw.common-pc hw.common-pc-ssd hw.common-cpu-amd ]; intel = ls [ hw.common-pc hw.common-pc-ssd hw.common-cpu-intel ./hardware/gpu/intel.nix ]; intel-novga = ls [ hw.common-pc hw.common-pc-ssd hw.common-cpu-intel-cpu-only ]; cuda = ls [ ./hardware/gpu/cuda.nix hw.common-gpu-nvidia-nonprime ]; cuda-prime = ls [ ./hardware/gpu/cuda.nix hw.common-gpu-nvidia ]; rocm = ls [ ./hardware/gpu/rocm.nix hw.common-gpu-amd ]; nspawn = ls [ "${nixos-nspawn}/nspawn-image.nix" { boot.isContainer = true; } ]; hidpi = ls [ hw.common-hidpi ./profiles/hidpi.nix ]; p1005 = ./hardware/printer/hp-laserjet-p1005.nix; au = ./profiles/auto-upgrade.nix; ts1 = ./profiles/tailscale-inner.nix; ts2 = ./profiles/tailscale-outer.nix; tse = ./profiles/tailscale-exit-node.nix; #rb = ./profiles/known-hosts; # TODO nixld = ./profiles/nix-ld.nix; dns64 = { config, ... }: { networking.nameservers = [ "2001:700:1:11::2:51" ]; # dns64.uninett.no networking.networkmanager.enable = true; networking.networkmanager.insertNameservers = config.networking.nameservers; # https://github.com/NixOS/nixpkgs/issues/61230 networking.resolvconf.enable = false; }; in builtins.mapAttrs (hostname: curried: curried hostname) { #hostname "domain" "system" inputs "state" [ modules ... ] asgaut = mk "pbsds.net" "riscv64-linux" inputs-2405 "24.05" [ hw.starfive-visionfive-2 ]; noximilien = mk "pbsds.net" "x86_64-linux" inputs-241T "24.11" [ au ts1 tse intel ]; nord = mk "pbsds.net" "x86_64-linux" inputs-2411 "24.11" [ au ts1 intel-novga hw.common-gpu-intel-sandy-bridge rocm hidpi ]; sopp = mk "pbsds.net" "x86_64-linux" inputs-edge "24.11" [ au ts1 nixld intel cuda p1005 ]; bjarte = mk "pbsds.net" "x86_64-linux" inputs-edge "24.11" [ ts1 nixld intel hw.lenovo-thinkpad-x1-7th-gen ]; bolle = mk "pbsds.net" "x86_64-linux" inputs-2411 "24.11" [ au ts2 intel ]; eple = mk "pbsds.net" "x86_64-linux" inputs-2411 "24.11" [ au ts1 tse dns64 intel rocm ]; garp = mk "pbsds.net" "x86_64-linux" inputs-edge "24.11" [ au ts2 intel-novga cuda ]; hasselknippe= mk "pbsds.net" "aarch64-linux" inputs-2405 "24.05" [ ts1 hw.pine64-pinebook-pro ]; #gomperud smattkuken skrytebiffen skalkesnerken balleby bingus skjrlaltatjlstad #bergjlot snortheimsmoen ditlefsen skrukkerud podebusk zmaragd makrell alfnes blix urke pytte uddu imdorf rosenqvist }; in { inputs = inputs'; lib = import ./lib.nix { inputs = inputs'; }; nixosModules = mkHosts (mkModule []); nixosConfigurations = mkHosts (mkConfig []); nixosReports = builtins.mapAttrs (key: self.lib.mkNixosConfigSummary) self.nixosConfigurations; overlays = { pbsdspkgs = final: prev: let pkgs = final; inherit (pkgs) lib; in { pbsds = lib.makeScope pkgs.newScope (pbsds: { # TODO: get faketty to work, ${expect}/bin/unbuffer is bad nixos-rebuild-nom = pkgs.writeScriptBin "nixos-rebuild" '' if test -t 1 && test -z "''${NIX_NO_NOM-}"; then exec ${lib.getExe pkgs.nixos-rebuild} -L "$@" |& ${lib.getExe pkgs.nix-output-monitor} else exec ${lib.getExe pkgs.nixos-rebuild} -L "$@" fi ''; v4l2-play = pkgs.callPackage ./pkgs/v4l2-play {}; device-mon = pkgs.callPackage ./pkgs/device-mon {}; #pdoc-docs = (pkgs.callPackage ./pkgs/pdocs.nix {}).pdocs; #pdoc3-docs = (pkgs.callPackage ./pkgs/pdocs.nix {}).pdocs3; }); }; wl-clipboard-timeout = import ./overlays/wl-clipboard-timeout.nix; default = self.overlays.pbsdspkgs; }; packages = forAllSystems ({ pkgs, lib, ... }: let # TODO: by-name pbsdspkgs = lib.filterAttrs (name: value: lib.isDerivation value) (self.overlays.pbsdspkgs pkgs null).pbsds; in pbsdspkgs // { }); images = forAllSystems ({ inputs, system, pkgs, lib, ... }: let mk-nspawn-setup = hostname: # TODO: nspawn-tarball.nix populates /etc/nixos with junk (pkgs.callPackage ./pkgs/mk-nspawn-setup {}) (mkHosts (mkConfig [ "${nixos-nspawn}/nspawn-tarball.nix" ])).${hostname}; in { asgaut-sd = (mkHosts (mkConfig [ "${nixos-hardware}/starfive/visionfive/v2/sd-image.nix" { nixpkgs.buildPlatform.system = system; # cross sdImage.compressImage = false; } ])).asgaut.config.system.build.sdImage; #brumlebasse-nspawn-setup = mk-nspawn-setup "brumlebasse"; #brumlebasse-openstack = nixos-generators-2405.nixosGenerate { # system = "x86_64-linux"; # specialArgs = { inherit inputs; }; # modules = [ (mkHosts (mkModule [])).brumlebasse ]; # format = "openstack"; #}; }); homeModules.jump = ./users/pbsds/modules/jump.nix; homeModules.micro = ./users/pbsds/modules/micro.nix; homeConfigurations = forAllSystems ({ system, ... }: let mkHome = username: homeDirectory: inputs: modules: inputs.home-manager.lib.homeManagerConfiguration { pkgs = inputs.nixpkgs.legacyPackages.${system}; modules = modules ++ [{ home = { inherit username homeDirectory; }; imports = [ inputs.sops-nix.homeManagerModules.sops inputs.nix-index-database.hmModules.nix-index ]; nixpkgs.overlays = [ self.overlays.pbsdspkgs inputs.system-manager-edge.overlays.default (final: prev: { unstable = import inputs.unstable { inherit system; config = final.pkgs.config; }; }) ]; }]; extraSpecialArgs = { inherit inputs; }; }; in { # TODO: minimal # TODO: static - fhs # TODO: pvv - nfs home # TODO: nix-portable - heid # TODO: garmr # TODO: furios? pbsds = mkHome "pbsds" "/home/pbsds" inputs-edge [ ./users/pbsds/home ]; pbsds-2411 = mkHome "pbsds" "/home/pbsds" inputs-2411 [ ./users/pbsds/home ]; pbsds-2405 = mkHome "pbsds" "/home/pbsds" inputs-2405 [ ./users/pbsds/home ]; pbsds-2311 = mkHome "pbsds" "/home/pbsds" inputs-2311 [ ./users/pbsds/home ]; pbsds-2305 = mkHome "pbsds" "/home/pbsds" inputs-2305 [ ./users/pbsds/home ]; pbsds-gnome = mkHome "pbsds" "/home/pbsds" inputs-edge [ ./users/pbsds/home/gnome.nix ]; pbsds-gnome-2411 = mkHome "pbsds" "/home/pbsds" inputs-2411 [ ./users/pbsds/home/gnome.nix ]; pbsds-gnome-2405 = mkHome "pbsds" "/home/pbsds" inputs-2405 [ ./users/pbsds/home/gnome.nix ]; pbsds-gnome-2311 = mkHome "pbsds" "/home/pbsds" inputs-2311 [ ./users/pbsds/home/gnome.nix ]; pbsds-gnome-2305 = mkHome "pbsds" "/home/pbsds" inputs-2305 [ ./users/pbsds/home/gnome.nix ]; }); # TODO: use this to pull changes to repo homeFileMap = let inherit (inputs-edge.nixpkgs) lib; files = self.homeConfigurations.x86_64-linux.pbsds-gnome.config.home.file; in lib.pipe files [ (lib.filterAttrs (k: v: lib.hasPrefix (toString self) (toString v.source))) (lib.mapAttrs' (k: v: lib.nameValuePair (lib.removePrefix "/home/pbsds/" k) ("." + lib.removePrefix (toString self) (toString v.source)) )) ]; systemConfigs = let mkSystem = name: inputs: system: inputs.system-manager-edge.lib.makeSystemConfig { extraSpecialArgs.inputs = inputs; extraSpecialArgs.system = system; # TODO: find an alternative modules = [ { nixpkgs.hostPlatform = system; } { system-manager.allowAnyDistro = true; } inputs.nix-system-graphics-edge.systemModules.default ./hosts/system-manager/${name}/configuration.nix ]; }; in { FuriPhoneFLX1 = mkSystem "furiphoneflx1" inputs-edge "aarch64-linux"; test = mkSystem "furiphoneflx1" inputs-edge "x86_64-linux"; }; #checks = forAllSystems ({ inputs, system, ... }: { # pre-commit-check = inputs.pre-commit-hooks.lib.${system}.run { # src = ./.; # excludes = ["flake.lock"]; # hooks = { # # https://devenv.sh/reference/options/#pre-commithooks # alejandra.enable = true; # pretties.enable = true; # /* pretties.excludes = [".js" ".md" ".ts"]; */ # }; # }; #}); devShells = forAllSystems ({ pkgs, system, ... }: let mkShell = {...}@args: packages: pkgs.mkShellNoCC (args // { packages = (args.packages or []) ++ packages; }); #mkShell'= {...}@args: packages: pkgs.mkShellNoCC (args // { # inherit (self.checks.${system}.pre-commit-check) shellHook; # packages = (args.packages or []) ++ packages ++ self.checks.${system}.pre-commit-check.enabledPackages; #}); inherit (inputs-edge.system-manager-edge.packages.${system}) system-manager; envrc-pkgs = [ self.packages.${system}.nixos-rebuild-nom pkgs.home-manager pkgs.nix-output-monitor pkgs.cachix pkgs.age pkgs.sops pkgs.ssh-to-age pkgs.just pkgs.gum pkgs.mprocs ]; in rec { envrc = mkShell { } envrc-pkgs; envrc-remotes = mkShell { } (envrc-pkgs ++ [ pkgs.remote-exec pkgs.yq pkgs.rsync ]); remoteenv = mkShell { } [ self.packages.${system}.nixos-rebuild-nom pkgs.age pkgs.ssh-to-age pkgs.just pkgs.gum ]; envrc-fhs = mkShell { inheritFrom = [ envrc ]; } [ system-manager ]; envrc-remotes-fhs = mkShell { inheritFrom = [ envrc-remotes ]; } [ system-manager ]; remoteenv-fhs = mkShell { inheritFrom = [ remoteenv ]; } [ system-manager ]; }); /* checks = forAllSystems ({ pkgs, inputs, system }: { unitTests = pkgs.runCommand "tests" { nativeBuildInputs = [ inputs.nix-unit.packages.${system}.default ]; } '' export HOME="$(realpath .)" # The nix derivation must be able to find all used inputs in the nix-store because it cannot download it during buildTime. nix-unit --eval-store "$HOME" \ --extra-experimental-features flakes \ --override-input nixpkgs ${inputs.nixpkgs} \ --flake ${self}#unitTests touch $out ''; }); unitTests = let doesEval = x: { expr = (builtins.tryEval x).success; expected = true; }; in { # https://nix-community.github.io/nix-unit/ }; */ }; }